Example 91 with AuthenticationResult

Use of org.apereo.cas.authentication.AuthenticationResult in project cas by apereo.

Class AbstractServiceValidateControllerTests, method verifyValidServiceTicketAndPgtUrlMismatch.

@Test
public void verifyValidServiceTicketAndPgtUrlMismatch() throws Exception {
    final Service svc = RegisteredServiceTestUtils.getService("proxyService");
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), svc);
    final TicketGrantingTicket tId = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket sId = getCentralAuthenticationService().grantServiceTicket(tId.getId(), svc, ctx);
    // Build a validation request for the freshly granted service ticket.
    final MockHttpServletRequest request = new MockHttpServletRequest();
    request.addParameter(CasProtocolConstants.PARAMETER_SERVICE, svc.getId());
    request.addParameter(CasProtocolConstants.PARAMETER_TICKET, sId.getId());
    // Proxy callback URL (pgtUrl) that this test treats as a mismatch for the service.
    request.addParameter(CasProtocolConstants.PARAMETER_PROXY_GRANTING_TICKET_URL, "http://www.github.com");
    final ModelAndView modelAndView = this.serviceValidateController.handleRequestInternal(request, new MockHttpServletResponse());
    // Validation must not succeed, and no proxy-granting ticket IOU may be issued.
    assertFalse(modelAndView.getView().toString().contains(SUCCESS));
    assertNull(modelAndView.getModel().get(CasProtocolConstants.PARAMETER_PROXY_GRANTING_TICKET_IOU));
}
Also used: TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), ModelAndView (org.springframework.web.servlet.ModelAndView), Service (org.apereo.cas.authentication.principal.Service), ServiceTicket (org.apereo.cas.ticket.ServiceTicket), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult), Test (org.junit.Test)

Example 92 with AuthenticationResult

Use of org.apereo.cas.authentication.AuthenticationResult in project cas by apereo.

Class WsFederationAction, method buildCredentialsFromAssertion.

private Event buildCredentialsFromAssertion(final RequestContext context, final Pair<Assertion, WsFederationConfiguration> assertion, final Service service) {
    try {
        LOGGER.debug("Creating credential based on the provided assertion");
        final WsFederationCredential credential = this.wsFederationHelper.createCredentialFromToken(assertion.getKey());
        final WsFederationConfiguration configuration = assertion.getValue();
        final String rpId = wsFederationHelper.getRelyingPartyIdentifier(service, configuration);
        // Fail closed when no credential could be built from the assertion.
        if (credential == null) {
            LOGGER.error("SAML no credential could be extracted from [{}] based on RP identifier [{}] and IdP identifier [{}]", assertion.getKey(), rpId, configuration.getIdentityProviderIdentifier());
            return error();
        }
        // Validate the credential against the RP identifier, the IdP identifier and the configured tolerance.
        if (credential != null && credential.isValid(rpId, configuration.getIdentityProviderIdentifier(), configuration.getTolerance())) {
            LOGGER.debug("Validated assertion for the created credential successfully");
            if (configuration.getAttributeMutator() != null) {
                LOGGER.debug("Modifying credential attributes based on [{}]", configuration.getAttributeMutator().getClass().getSimpleName());
                configuration.getAttributeMutator().modifyAttributes(credential.getAttributes());
            }
        } else {
            LOGGER.error("SAML assertions are blank or no longer valid based on RP identifier [{}] and IdP identifier [{}]", rpId, configuration.getIdentityProviderIdentifier());
            return error();
        }
        context.getFlowScope().put(CasProtocolConstants.PARAMETER_SERVICE, service);
        LOGGER.debug("Creating final authentication result based on the given credential");
        final AuthenticationResult authenticationResult = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(service, credential);
        LOGGER.debug("Attempting to create a ticket-granting ticket for the authentication result");
        WebUtils.putTicketGrantingTicketInScopes(context, this.centralAuthenticationService.createTicketGrantingTicket(authenticationResult));
        LOGGER.info("Token validated and new [{}] created: [{}]", credential.getClass().getName(), credential);
        return success();
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        return error();
    }
}
Also used: WsFederationConfiguration (org.apereo.cas.support.wsfederation.WsFederationConfiguration), UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException), WsFederationCredential (org.apereo.cas.support.wsfederation.authentication.principal.WsFederationCredential), AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)
